# Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 # $Header: $ ETYPE="sources" inherit kernel-2 detect_version PAX_VER=200402250000 OPENPAX_VER=0.11 SSP_VER=2 NETRAND_CORE_VER="${OKV}" NETRAND_DRIVERS_VER="${OKV}" # SRC_URI's PAX_SRC="http://pax.grsecurity.net/pax-linux-${OKV}-${PAX_VER}.patch" OPENPAX_SRC="http://openpax.net/linux-${OKV}-openpax-${OPENPAX_VER}.patch" SSP_SRC="http://openpax.net/linux-${OKV}-ssp-config-${SSP_VER}.patch" NETRAND_CORE_SRC="http://zeus.polsl.gliwice.pl/~albeiro/netdev-random/netdev-random-core-${NETRAND_CORE_VER}.patch" NETRAND_DRIVERS_SRC="http://zeus.polsl.gliwice.pl/~albeiro/netdev-random/netdev-random-drivers-${NETRAND_DRIVERS_VER}.patch" KEYWORDS="x86" UNIPATCH_LIST="${DISTDIR}/pax-linux-${OKV}-${PAX_VER}.patch ${DISTDIR}/linux-${OKV}-openpax-${OPENPAX_VER}.patch ${DISTDIR}/linux-${OKV}-ssp-config-${SSP_VER}.patch ${DISTDIR}/netdev-random-core-${NETRAND_CORE_VER}.patch ${DISTDIR}/netdev-random-drivers-${NETRAND_DRIVERS_VER}.patch" DESCRIPTION="Hardened sources for the ${KV_MAJOR}.${KV_MINOR} kernel tree" SRC_URI="${KERNEL_URI} ${PAX_SRC} ${OPENPAX_SRC} ${SSP_SRC} ${NETRAND_CORE_SRC} ${NETRAND_DRIVERS_SRC}" UNIPATCH_STRICTORDER="yes" pkg_postinst() { postinst_sources einfo "UNIPATCH_LIST=\($(for p in $UNIPATCH_LIST ; do echo -n "$(basename ${p} .patch), " ; done ; date -u +%Y%m%d.%s)\)" ewarn "IMPORTANT:" ewarn "ptyfs support has now been dropped from devfs and as a" ewarn "result you are now required to compile this support into" ewarn "the kernel. You can do so by enabling the following options" ewarn " Device Drivers -> Character devices -> Unix98 PTY Support" ewarn " File systems -> Pseudo filesystems -> /dev/pts filesystem." echo if [ ! `use selinux` ] ; then einfo " basically, the only things keeping me from doing a 2.6 port now are time and motivation." ewarn "NOTE: Grsecurity does not exist for 2.6.x as of yet, and depending" ewarn "on its future design compatibility may or may not be included in" ewarn "future hardened-sources." fi echo }